Abstract: Provided is an information processing device that prevents fraudulent updating of registered facial images. The information processing device comprises a database and an updating unit. The database stores a first facial image of a user. In accordance with at least the similarity between the first facial image and a second facial image, the updating unit determines whether to update the first facial image using the second facial image.

Abstract: This disclosure relates to method and apparatus for obtaining data information.

Abstract: Methods, systems and computer storage media are disclosed for providing resources to a platform issue. Embodiments describe associating educational resources and an event resource to resolve the platform issue.

Abstract: An illustrative embodiment disclosed herein is an apparatus including a processor and a memory. In some embodiments, the memory includes programmed instructions that, when executed by the processor, cause the apparatus to apply a category to a first virtual machine (VM) and a second VM, schedule the first VM and the second VM to be placed on a host at least based on the first VM and the second VM including the category, and apply a security policy to the first VM and the second VM at least based on the first VM and the second VM including the category.

Abstract: Systems, devices, and techniques are disclosed for cryptographic key migration. A tenant host may determine a first Key Management Service (KMS) indicated as storing a cryptographic key associated with the tenant host from a new KMS mapping. The tenant host may send a request for the cryptographic key associated with the tenant host to the first KMS. The tenant host may receive an indication from the first KMS that the first KMS does not store the cryptographic key. The tenant host may determine a second KMS indicated as storing the cryptographic key associated with the tenant host from an original KMS mapping. The tenant host may receive the cryptographic key associated with the tenant host from the second KMS. The tenant host may send a request to the second KMS that the cryptographic key associated with the tenant host be replicated from the second KMS to the first KMS.

Abstract: Some embodiments provide a method of performing load balancing for a group of machines that are distributed across several physical sites. The method of some embodiments iteratively computes (1) first and second sets of load values respectively for first and second sets of machines that are respectively located at first and second physical sites, and (2) uses the computed first and second sets of load values to distribute received data messages that the group of machines needs to process, among the machines in the first and second physical sites. The iterative computations entail repeated calculations of first and second sets of weight values that are respectively used to combine first and second load metric values for the first and second sets of machines to repeatedly produce the first and second sets of load values for the first and second sets of machines.

Abstract: Methods, systems, apparatuses, and computer-readable storage mediums are described for authorizing publishing of a message and/or a subscription from an Internet of Things (IoT) device. In an example system, a message broker receives a list of attributes from a claims provider. The message broker determines whether publishing of the message is authorized based at least on the list of attributes, and publishes the message if it is determined that the publishing is authorized. The message broker may also receive a subscription specifying a topic filter. The message broker determines whether the subscription is authorized for the IoT device based at least on the list of attributes, and transmits a subscription message to the IoT device if it is determined that the subscription is authorized.

Abstract: Certain aspects of the disclosure provide a method for managing users, the method comprising: obtaining a first set of visitor identification records; identifying a subset of outlier visitor identification records within the first set of visitor identification records; creating a second set of visitor identification records including all visitor identification records from the first set of visitor identification records other than the subset of outlier visitor identification records; creating a third set of visitor identification records by applying a first filtering scheme to the second set of visitor identification records; creating a fourth set of visitor identification records by applying a second filtering scheme to the second set of visitor identification records; generating one or more stitched visitor IDs by stitching visitor identification records in the fourth set of visitor identification records; and determining a stitching accuracy probability for each of the one or more stitched visitor IDs.

Abstract: A method for compliance with Know Your Customer (KYC) and other regulations includes a pseudonymous globally unique identifier stored on a blockchain that associates a pseudonymous first party address with a globally unique identifier representing the vetted identity of the owner of the address. The method also includes a trusted third party issuing a verifiable credential for a first pseudonymous party to a proposed transaction to a second pseudonymous party to the transaction.

Abstract: Methods, apparatus, and systems are disclosed to measure media consumption. An apparatus includes a memory, machine readable instructions, and processor circuitry to instantiate or execute the machine readable instructions to access a domain pattern signature representative of a request to obtain media, the domain pattern signature includes (a) a set of domain names and (b) one or more of a location of the request, a time of the request, or a characteristic of a device used to execute the request, compare the domain pattern signature to one or more reference signatures, determine a first reference signature includes (a) a matching set of domain names and (b) one or more of a matching location of the request, a matching time of the request, or a matching characteristic of the device used to execute the request, and credit the domain pattern signature with an Internet site associated with the first reference signature.

Abstract: Techniques are disclosed for distributing data in a content delivery network configured to provide edge services using a plurality of service providers. Data indicative of data usage and cost data for the plurality of service providers is accessed. Based on the accessed data, an effective unit cost, multiplex efficiency, and channel utilization are determined for a selected user. A Bayesian optimization algorithm is applied to at least a portion of the accessed data. The content delivery network is configured to redistribute data traffic for the selected user based on a result of the applied Bayesian optimization algorithm.

Abstract: Methods, systems, and devices for wireless communications are described. A user equipment (UE) that transmits sensor data to another UE may also send information about the associated sensor and its performance. For example, the UE may determine a set of rules that apply to a sensor. The set of rules may define an association between a group of performance values and a group of performance levels corresponding to one or more metrics of the sensor. The UE may identify a performance value from the group of performance values for the sensor based on a performance level of the sensor and the set of rules. After determining the performance value, the UE may transmit an indication of the set of in a first data frame of a message and an indication of the performance value in a second data frame of the message.

Abstract: Methods, apparatus, systems, and articles of manufacture are disclosed for traffic control for application-independent service mesh. In one example, processor circuitry to perform operations to instantiate ingress traffic management circuitry to receive ingress traffic events, at least one of the ingress traffic events to request access to a target microservice running on the second endpoint. The processor circuitry further performs operations to instantiate virtual service authorization circuitry to perform a look up of an authorization policy to the target microservice in the microservice catalog. Finally, the processor circuitry performs operations to instantiate endpoint selection circuitry to select the second endpoint to service the ingress traffic event in response to the authorization policy allowing access to the target microservice.

Abstract: A method includes identifying, by a Domain Name Service (DNS) server, a dynamic configuration file. The method further includes receiving, by the DNS server from a first client device, a first request for a network resource. The first request includes first client context associated with the first client device. The method further includes identifying, by the DNS server based on the network resource of the first request, a dynamic variable in the dynamic configuration file. The dynamic variable includes one or more algorithmically-defined rules. The method further includes determining, by the DNS server based on at least one of the one or more algorithmically-defined rules of the dynamic variable and the first client context, a first response to the first request. The method further includes providing, by the DNS server, the first response to the first client device.

Abstract: An apparatus for accessing web pages includes: a communication interface; and a processor communicatively coupled to the communication interface and configured to: receive a web crawler request, from the communication interface, to access a specified web page; select a first selected proxy server from among a plurality of proxy servers; send, via the communication interface, a first access request to the first selected proxy server requesting access to the specified web page; receive, via the communication interface, a response from the selected proxy server corresponding to the first access request; analyze the response from the selected proxy server; select a second selected proxy server from among the plurality of proxy servers in response to determining from the response that the first access request was denied; and send, via the communication interface, a second access request to the second selected proxy server requesting access to the specified web page.

Abstract: Some embodiments provide a method for a health monitoring service that monitors a system with a set of services executing across a set of one or more datacenters. For each of multiple services monitored by the health monitoring service, the method (1) contacts an API exposed by the service to provide health monitoring data for the service and (2) receives health monitoring data for the service that provides, for each of multiple aspects of the service, (i) a status and (ii) an explanation for the status in a uniform format used by the APIs of each of the services. At least two different services provide health monitoring data in the uniform format for different groups of aspects of the services.

Abstract: This disclosure describes techniques for performing multi-factor authentication (MFA) by utilizing user generated authenticating gestures. The techniques may include establishing and monitoring peer-to-peer communication links between user devices. The techniques may include monitoring channel properties for fluctuations in the channel properties associated with the user generated authenticating gesture passing through signals of the communication links. The techniques may further include comparing a gesture performed by a user to a predefined authenticating gesture. The techniques may include determining a pattern of fluctuations in the channel properties associated with the predefined authenticating gesture. The techniques may include determining a confidence score associated with comparing the gesture performed and the predefined authenticating gesture. The techniques may further include determining a proximity of the user and/or the gesture to the user device.

Abstract: Execution of client code in a shared infrastructure comprises instantiating a container manager to manage containers and routers configured to receive calls requesting execution of the client code. The container manager pre-initializes a plurality of containers and registered the containers in a database to indicate that the plurality of containers are available. A router receives a call to execute the client code and selects an available first container identified in the database. The call is routed to the selected container and the status of the container is updated to in-use to prevent another router from selecting the container. Responsive to the selected container processing the call, the router receives a response from the container and returns the response to the caller. The containers then marked for deletion in the database. The container manager then deletes any of the containers marked for deletion to prevent the containers from processing subsequent calls.

Abstract: Techniques for scalable virtualization of an Input/Output (I/O) device are described. An electronic device composes a virtual device comprising one or more assignable interface (AI) instances of a plurality of AI instances of a hosting function exposed by the I/O device. The electronic device emulates device resources of the I/O device via the virtual device. The electronic device intercepts a request from the guest pertaining to the virtual device, and determines whether the request from the guest is a fast-path operation to be passed directly to one of the one or more AI instances of the I/O device or a slow-path operation that is to be at least partially serviced via software executed by the electronic device. For a slow-path operation, the electronic device services the request at least partially via the software executed by the electronic device.

Abstract: A system and corresponding method gather information about browsing and purchasing behavior of web users to avoid tracking information associated with individual web browser instances. The system enables collection of historical and statistical information by legitimate interested parties to be severed from information about the behavior of a browser instance, and so too from information about the user of the browser instance. The system is configured to perform at least one of: (i) masking a web browser cookie to prevent use of the cookie to access browsing information related to a user and (ii) replace stories about sequences of browser behaviors with statistics about abstracted “story types.” A story type is a sequence of behavior types common to all web browser instances which have performed that sequence. An example embodiment uses masking and aggregation techniques, frequently, and includes a variety of industry standard security measures specially adapted to these purposes.